From 0463b8303d8d5fa9a7770815f582d37538ad00a6 Mon Sep 17 00:00:00 2001
From: Tully Gray
Date: Tue, 15 Feb 2022 11:07:15 +1100
Subject: [PATCH 1/1] New policy tunable: Determine whether portage can use cifs filesystems.
Signed-off-by: Tully Gray
---
 policy/modules/admin/portage.te | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/policy/modules/admin/portage.te b/policy/modules/admin/portage.te
index 9abbdc37..db7d2b19 100644
--- a/policy/modules/admin/portage.te
+++ b/policy/modules/admin/portage.te
@@ -13,6 +13,14 @@ policy_module(portage)
 ##
 gen_tunable(portage_use_nfs, false)
 
+##
+##
+## Determine whether portage can
+## use cifs filesystems.
+##
+##
+gen_tunable(portage_use_cifs, false)
+
 ##
 ##
 ## Determine whether portage domains can read user content.
@@ -148,6 +156,10 @@ tunable_policy(`portage_use_nfs',`
 fs_read_nfs_files(gcc_config_t)
 ')
 
+tunable_policy(`portage_use_cifs',`
+ fs_read_cifs_files(gcc_config_t)
+')
+
 optional_policy(`
 consoletype_exec(gcc_config_t)
 ')
@@ -340,6 +352,13 @@ tunable_policy(`portage_use_nfs',`
 fs_manage_nfs_symlinks(portage_fetch_t)
 ')
 
+tunable_policy(`portage_use_cifs',`
+ fs_getattr_cifs(portage_fetch_t)
+ fs_manage_cifs_dirs(portage_fetch_t)
+ fs_manage_cifs_files(portage_fetch_t)
+ fs_manage_cifs_symlinks(portage_fetch_t)
+')
+
 tunable_policy(`portage_read_user_content',`
 userdom_read_user_home_content_files(portage_fetch_t)
 userdom_list_user_home_content(portage_fetch_t)
-- 
2.34.1
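Review bot: The description added for `portage_use_cifs` does not say what the boolean grants, and the two later hunks grant different things: read-only access for `gcc_config_t` (hunk at -148) and directory, file and symlink management for `portage_fetch_t` (hunk at -340). I would word the description to match, for example `Determine whether the portage fetch domain can manage, and gcc-config can read, files on cifs filesystems.`, so an administrator toggling the boolean knows it includes write access. The diffstat shows only portage.te changed; if `portage_use_nfs` is also consulted outside this file, the new boolean would cover fewer domains than its NFS counterpart, which is worth confirming. The description markup around these lines is stripped on this page, so the tag layout itself cannot be checked here.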
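Review bot: The `fs_manage_cifs_dirs`, `fs_manage_cifs_files` and `fs_manage_cifs_symlinks` calls in the new `portage_fetch_t` block are granted on the filesystem type as a whole, not on a distfiles location. With the boolean on, the fetch domain can therefore create, change and delete content on every CIFS mount that carries the default label (presumably `cifs_t`, judging by the interface names), unless a share is mounted with its own context. That matches the NFS block whose tail is the hunk's leading context, but it is a least-privilege trade-off that the policy should state. I would put a comment above the block such as `# CIFS mounts share one default label: this grants write access to every such share, not only distfiles.` The new block is complete within the hunk.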